I currently have a Website Payments Standard checkout process for purchasing annual subscriptions & standalone virtual products, which in its simplest form;
- Collects a few basic details about the customer & logs a new purchase in a database on my site
- Uses the trick of preparing a webform that auto-submits to PayPal on the client-side, using the
custom
field to track & verify the purchase with IPN
As I understand, with Express I could
- Cut out the form technique & tighten my application, initiating the request server-side & then send the user straight to PayPal
- Process the payment instantly when the customer is returned (no waiting on possible IPN delays - though I know I can counter for this with auto-return PDT)
- Manage subscriptions on-site (not required, but acknowledged as a benefit)
However, I am aware of the additional work involved, particularly with recurring payments.
Would you argue it's worth it for the gains? Or is what I'm doing acceptable*, given the requirements?
*I've always been concerned about exposing the transaction in a standard PayPal webform, which is why I like the idea of Express, but I'm rigorously validating IPN calls; do I have any genuine reason to worry?